Lucent Sky AVM version 2006 releases
Lucent Sky AVM version 2006 SU1
New features in 2006 SU1
Build and pre-analysis
- Improved support for Razor and configuration files commonly used by mobile apps
- Coverage improvements on the Java binary analysis engine
Source code analysis
- Accuracy and coverage improvements on source code analysis engines
- Improvements on hybrid analysis algorithms
Forth-generation remediation engine is now generally available
- Contextual suggestion are now available in most vulnerability categories
- PHP remediation algorithms have been updated
- Support for CWE v4.2
- Usability improvements of the Web UI
Issues fixed in 2006 SU1
These are the issues addressed in 2006 SU1:
- We fixed an issue where TypeScript files were analyzed but missing from analyzed file list.
- We fixed an issue where Web UI is stuck in a redirect loop after password is changed.
- We fixed an issue where timestamp of a rule package is not properly updated.
- We fixed an issue where source code analysis sometimes fail when no result was found.
- We fixed an issue where some vulnerabilities in Python were misclassified.
Lucent Sky AVM version 2006 MR
New features in 2006 MR
- Automatic build tool detection for .NET Core and Maven projects
- Better support for .NET Core 3.1
Improvements on direct binary analysis
- A directory containing .class files can be specified as the binary analysis target
- Binary analysis target is now specified as analysis target instead of an scan argument
- Binary analysis engine accuracy, stability improvements, and bug fixes
- Additional analysis rules for .NET and JDK applications
- Better support for .NET Core applications
Source code analysis
- Support for Android apps developed with Kotlin
- Source code analysis engine accuracy improvements and bug fixes
- Support for CVSS 3 and priority ratings
- Web UI performance improvements and bug fixes
CLI improvements and bug fixes
Several methods arguments are not backward compatible with previous versions of CLI. For a list of these changes, view the following article in the Lucent Sky Knowledge Base: Get started with Lucent Sky AVM CLI: Migrating CLI scripts to v2006
- 7-Zip files are accepted as source code archive
Support for on-premise cluster
To learn more about creating a cluster on-premise, or migrating on-premise instances to a cluster, view the following article in the Lucent Sky AVM Knowledge Base: Administration guide to CLEAR Engine and Web UI
CLEAR Engine, Web UI, and CLI now require .NET Framework 4.8
Issues fixed in 2006 MR
- We fixed an issue where Ant build fails after scanning Java applications with certain dependencies.
- We fixed an issue where MSBuild v12 cannot be specified in scan arguments.
- We fixed an issue where some scan log entries of C/C++ applications are missing.
- We fixed an issue where results with the ‘WebService’ vector cannot be suppressed.
- We fixed an issue where guest users are unable to sign in on the Web UI.
- We fixed an issue where the name of arguments of the CLI is case sensitive.
- We fixed an issue where licenses might expire up to 12 hours earlier than the expiration date.
- We fixed an issue where the Encoding setting is not preserved during an update.
- We fixed an issue where some log entries may not appear in scan logs when multiple scans are running concurrently.
- We fixed an issue where long path support is inconsistent on Windows Server 2019.